Many access control systems still rely just on the UID of the card. It is a unique number, generated during manufacturing, read-only and impossible to change. There are however special, unofficial “Magic UID” cards (like my business card) that allow to set any UID - clone it from other cards. It takes just a few seconds with the new “one click” cloning feature that I have contributed to free Mifare Classic Tool Android application.
During this training we will focus on two technologies implemented very commonly in various IoT devices, including among others smart locks and access control systems : BLE and NFC/RFID. Bluetooth Low Energy (Smart, 4) is one of the most popular and rapidly growing IoT technologies. Unfortunatelly the prevalence of technology does not come with security, and the knowledge on how to comprehensively assess such devices seems very uncommon. This training aims to address this need.
Bluetooth Low Energy is one of the most exploding IoT technologies. BLE devices surround us more and more - not only as wearables, toothbrushes and sex toys, but also smart locks, medical devices and banking tokens. Alarming vulnerabilities of these devices have been exposed multiple times recently. And yet, the knowledge on how to comprehesively assess their security seems very uncommon. Not to mention best practices guidelines, which are practically absent.